Thanks, Jason. Got it - that makes sense.
The main challenge for me has been the fixed IP requirement from some clients, which prevents using Functions in those cases.
Original Message:
Sent: 11-11-2025 12:52
From: Jason Mathison
Subject: Does Genesys Cloud support JWT
There is no reason that I know of that a function couldn't be configured to use a certificate to create JWT tokens. Having to be on an IP whitelist on the other hand would completely disqualify functions.
------------------------------
--Jason
Original Message:
Sent: 11-11-2025 09:37
From: Luiz Rosa
Subject: Does Genesys Cloud support JWT
Hi Jason Mathison,
Sorry if my earlier message wasn't clear.
In my case, clients require JWT authentication using a certificate and also a fixed IP, so we usually handle that through external middleware.
There's already an idea related to the fixed IP topic: https://genesyscloud.ideas.aha.io/ideas/OPCFDA-I-56 - hopefully it gets implemented in the future.
------------------------------
Luiz Rosa
Full stack developer
Original Message:
Sent: 11-11-2025 08:49
From: Jason Mathison
Subject: Does Genesys Cloud support JWT
One of the primary use-cases that Functions was designed to handle are custom authentication requirements like this, so it should be appropriate for this need. Lambdas and external middleware are also reasonable solutions to this requirement.
Luiz, is there something specific about functions that we should be looking to improve to better support these types of requirements?
------------------------------
--Jason
Original Message:
Sent: 11-10-2025 08:47
From: Luiz Rosa
Subject: Does Genesys Cloud support JWT
Hi Anna Mazor,
Genesys Cloud Data Actions don't support generic JWT authentication with custom certificates.
For APIs that require a signed JWT on each request, use a middleware to generate and sign the token, then call the target API.
You could also use a Data Action Function to run Node.js code, but since your use case involves certificates, Lambda or an external middleware is more appropriate.
Details:
Web Services Data Actions Requirements
Data Actions Function Requirements
------------------------------
Luiz Rosa
Full stack developer
Original Message:
Sent: 11-10-2025 05:21
From: Anna Mazor
Subject: Does Genesys Cloud support JWT
Hello
We received the following requirements from our Customer. Does Genesys Cloud support this integration?
API Authentication Requirements
- The organization shall generate a digital certificate for authentication against the API.
- All requests to the API are authenticated using a JSON Web Token (JWT) based on the digital certificate's Public Key, which is submitted to Leumi Card after registration on the portal. (A public key file must be provided in DER or PEM format).
- The calling application must send a signed JWT using its digital certificate in every API request via the Authorization header in the format: Bearer <token>.
- The JWT must contain the following required claims:
- aud (Audience(
- iss (Issuer)
- exp (Expiration Time): The expiration time of the token (maximum possible validity is 3 minutes from the creation time).
- iat (Issued At): The time that the token was issued.
- clientId: The clientId value that is also sent in the client-id header.
Thank you in advance
Anna
#DataActions
------------------------------
Anna Mazor
CEO
------------------------------